Firewall plugin found malware in search function

  • I have Ipower host, which is suspect by many WP owners now, but I don’t know if this is a security breach with them.

    Added Plugin Firewall WordPress 2 2 weeks ago. I got notified yesterday that someone inserted code in my search function, like this:
    ‘s = Search this site…/trackback’.
    I assume anyone using the search function would get redirected. This is only in one of my 4 blogs.

    Has anyone ever seen spam be able to get in the search function before?

    Also, I would like to tighten up my permissions, but 644 doesn’t work for my ftp nor my host. I finally had to settle for 754. Not much different from 755, but not sure what else I can do. Suggestions?

Viewing 2 replies - 1 through 2 (of 2 total)

  • The fact that you got an email means that the attack was blocked.

    Your whole site should be 755 except .htaccess and wp-admin/index.php which should be 644.

    Thread Starter Drawer

    (@drawer)

    Thanks, Jonas, for the confirmation on permission. I do have that, just wanted to make sure that wasn’t my fault.

    And you’re right, Firewall did stop it. But I’m concerned that somehow the hacker got inside my WordPress! How?!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Firewall plugin found malware in search function’ is closed to new replies.